Introduction

This module focuses on configuring and managing advanced security monitoring and automation solutions in Microsoft Defender for Cloud and Microsoft Sentinel.

Scenario

You are an Azure security engineer tasked with streamlining your organization’s threat detection and response capabilities by leveraging Microsoft Defender for Cloud and Microsoft Sentinel. Your responsibilities include configuring workflow automation, integrating data connectors, enabling analytics rules, and managing security alerts for efficient incident management.

Learning objectives

By the end of this module, participants will be able to:

  • Configure and manage security alerts in Microsoft Defender for Cloud.
  • Implement workflow automation in Microsoft Defender for Cloud for streamlined incident response.
  • Monitor network events and performance by creating data collection rules (DCRs) in Azure Monitor.
  • Integrate data connectors to ingest and analyze logs in Microsoft Sentinel.
  • Enable and configure analytics rules and automation in Microsoft Sentinel for threat detection.

Goals

This module aims to equip Azure security engineers with the skills to configure, manage, and optimize advanced security monitoring, automation, and incident response solutions using Microsoft Defender for Cloud and Microsoft Sentinel.